US20260046613A1
SECURITY SIGNATURES ADDED BY RECONFIGURABLE INTELLIGENT SURFACE (RIS) CONTROLLER ON RIS SURFACE
Publication
Application
Classifications
IPC Classifications
CPC Classifications
Applicants
QUALCOMM Incorporated
Inventors
Ahmed ELSHAFIE, Alexandros MANOLAKOS, Hung Dinh LY, Yu ZHANG, Wanshi CHEN, Peter GAAL
Abstract
Certain aspects of the present disclosure provide a method for wireless communications at a controller. The controller obtains, from a network entity, signaling indicating a configuration for a security signature for at least one reconfigurable intelligent surface (RIS). The controller configures the at least one RIS according to the security signature.
Figures
Description
CROSS-REFERENCE TO RELATED APPLICATION(S)
[0001]This application claims priority to Greece Patent Application No. 20220100787, filed Sep. 26, 2022, which is hereby incorporated by reference herein.
BACKGROUND
Field of the Disclosure
[0002]Aspects of the present disclosure relate to wireless communications, and more particularly, to techniques for managing secure communications in a reconfigurable intelligent surface (RIS) based wireless communications system.
Description of Related Art
[0003]Wireless communications systems are widely deployed to provide various telecommunication services such as telephony, video, data, messaging, broadcasts, or other similar types of services. These wireless communications systems may employ multiple-access technologies capable of supporting communications with multiple users by sharing available wireless communications system resources with those users.
[0004]Although wireless communications systems have made great technological advancements over many years, challenges still exist. For example, complex and dynamic environments can still attenuate or block signals between wireless transmitters and wireless receivers. Accordingly, there is a continuous desire to improve the technical performance of wireless communications systems, including, for example: improving speed and data carrying capacity of communications, improving efficiency of the use of shared communications mediums, reducing power used by transmitters and receivers while performing communications, improving reliability of wireless communications, avoiding redundant transmissions and/or receptions and related processing, improving the coverage area of wireless communications, increasing the number and types of devices that can access wireless communications systems, increasing the ability for different types of devices to intercommunicate, increasing the number and type of wireless communications mediums available for use, and the like. Consequently, there exists a need for further improvements in wireless communications systems to overcome the aforementioned technical challenges and others.
SUMMARY
[0005]One aspect provides a method for wireless communications at a controller. The method includes obtaining, from a network entity, signaling indicating a configuration for a security signature for at least one reconfigurable intelligent surface (RIS); and configuring the at least one RIS according to the security signature.
[0006]Another aspect provides a method for wireless communications at a user equipment (UE). The method includes obtaining, from a network entity, signaling indicating a secret-key; obtaining, from the network entity, an artificial noise (AN) signal; obtaining, from the network entity, a data signal via an RIS; and decoding the obtained data signal and the obtained AN signal, in accordance with the secret-key.
[0007]Another aspect provides a method for wireless communications at a network entity. The method includes determining a secret-key shared among at least two of the network entity, a UE, and a controller of at least one RIS; generating AN signal, in accordance with the secret-key; and outputting the AN signal for transmission to the UE.
[0008]Other aspects provide: an apparatus operable, configured, or otherwise adapted to perform the aforementioned methods as well as those described elsewhere herein; a non-transitory, computer-readable media comprising instructions that, when executed by a processor of an apparatus, cause the apparatus to perform the aforementioned methods as well as those described elsewhere herein; a computer program product embodied on a computer-readable storage medium comprising code for performing the aforementioned methods as well as those described elsewhere herein; and an apparatus comprising means for performing the aforementioned methods as well as those described elsewhere herein. By way of example, an apparatus may comprise a processing system, a device with a processing system, or processing systems cooperating over one or more networks.
[0009]The following description and the appended figures set forth certain features for purposes of illustration.
BRIEF DESCRIPTION OF DRAWINGS
[0010]The appended figures depict certain features of the various aspects described herein and are not to be considered limiting of the scope of this disclosure.
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
DETAILED DESCRIPTION
[0028]Aspects of the present disclosure provide apparatuses, methods, processing systems, and computer-readable mediums for managing secure communications in a reconfigurable intelligent surface (RIS) based wireless communications system.
[0029]In some wireless communications systems, communication channels and/or devices may not be protected, which may result in insecure communications (i.e., communications are susceptible to interception). For example, in an RIS-based wireless communications system, some devices (e.g., an RIS controller of an RIS) may not have any upper layer security, which may result in the insecure communications. Also, in this system, some communication channels and/or layers may not be protected or secured. For example, downlink and uplink communications supported by a physical (PHY) layer may not be protected. Accordingly, in such systems, a potential attacker user equipment (UE) is able to attack the RIS and/or a network entity, which may result in the insecure communications between devices of this system. Therefore, there is a need for techniques to enable the secure communications in the RIS-based wireless communications system.
[0030]Aspects of the present disclosure provide techniques for enabling secure communications in an RIS-based wireless communications system. For example, to improve PHY layer security, a controller of an RIS, a UE, and/or a network entity of the RIS-based wireless communications system may agree on a secret-key. The controller may receive a signal from a transmitter device such as the network entity. The controller may add a secret-key based random signature (e.g., apply random amplitude or phase) to the received signal, which is then reflected from a surface of the RIS towards a receiver device such as the UE. Since the UE also has the secret-key, the UE is able to decode the signal received from the RIS based on the secret-key. However, in some cases, if the RIS reflects the signal towards an illegitimate receiver device, the illegitimate receiver device will not be able to decode the received signal, since the illegitimate receiver device does not have the secret-key.
Introduction to Wireless Communications Networks
[0031]The techniques and methods described herein may be used for various wireless communications networks. While aspects may be described herein using terminology commonly associated with 3G, 4G, and/or 5G wireless technologies, aspects of the present disclosure may likewise be applicable to other communications systems and standards not explicitly mentioned herein.
[0032]
[0033]Generally, wireless communications network 100 includes various network entities (alternatively, network elements or network nodes). A network entity is generally a communications device and/or a communications function performed by a communications device (e.g., a user equipment (UE), a base station (BS), a component of a BS, a server, etc.). For example, various functions of a network as well as various devices associated with and interacting with a network may be considered network entities. Further, wireless communications network 100 includes terrestrial aspects, such as ground-based network entities (e.g., BSs 102), and non-terrestrial aspects, such as satellite 140 and aircraft 145, which may include network entities on-board (e.g., one or more BSs) capable of communicating with other network elements (e.g., terrestrial BSs) and UEs.
[0034]In the depicted example, wireless communications network 100 includes BSs 102, UEs 104, and one or more core networks, such as an Evolved Packet Core (EPC) 160 and 5G Core (5GC) network 190, which interoperate to provide communications services over various communications links, including wired and wireless links.
[0035]
[0036]BSs 102 wirelessly communicate with (e.g., transmit signals to or receive signals from) UEs 104 via communications links 120. The communications links 120 between BSs 102 and UEs 104 may include uplink (UL) (also referred to as reverse link) transmissions from a UE 104 to a BS 102 and/or downlink (DL) (also referred to as forward link) transmissions from a BS 102 to a UE 104. The communications links 120 may use multiple-input and multiple-output (MIMO) antenna technology, including spatial multiplexing, beamforming, and/or transmit diversity in various aspects.
[0037]BSs 102 may generally include: a NodeB, enhanced NodeB (eNB), next generation enhanced NodeB (ng-eNB), next generation NodeB (gNB or gNodeB), access point, base transceiver station, radio BS, radio transceiver, transceiver function, transmission reception point, and/or others. Each of BSs 102 may provide communications coverage for a respective geographic coverage area 110, which may sometimes be referred to as a cell, and which may overlap in some cases (e.g., small cell 102′ may have a coverage area 110′ that overlaps the coverage area 110 of a macro cell). A BS may, for example, provide communications coverage for a macro cell (covering relatively large geographic area), a pico cell (covering relatively smaller geographic area, such as a sports stadium), a femto cell (relatively smaller geographic area (e.g., a home)), and/or other types of cells.
[0038]While BSs 102 are depicted in various aspects as unitary communications devices, BSs 102 may be implemented in various configurations. For example, one or more components of a BS 102 may be disaggregated, including a central unit (CU), one or more distributed units (DUs), one or more radio units (RUs), a Near-Real Time (Near-RT) RAN Intelligent Controller (RIC), or a Non-Real Time (Non-RT) RIC, to name a few examples. In another example, various aspects of a BS 102 may be virtualized. More generally, a BS (e.g., BS 102) may include components that are located at a single physical location or components located at various physical locations. In examples in which a BS 102 includes components that are located at various physical locations, the various components may each perform functions such that, collectively, the various components achieve functionality that is similar to a BS 102 that is located at a single physical location. In some aspects, a BS 102 including components that are located at various physical locations may be referred to as a disaggregated radio access network (RAN) architecture, such as an Open RAN (O-RAN) or Virtualized RAN (VRAN) architecture.
[0039]Different BSs 102 within wireless communications network 100 may also be configured to support different radio access technologies, such as 3G, 4G, and/or 5G. For example, BSs 102 configured for 4G LTE (collectively referred to as Evolved Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access Network (E-UTRAN)) may interface with the EPC 160 through first backhaul links 132 (e.g., an S1 interface). BSs 102 configured for 5G (e.g., 5G NR or Next Generation RAN (NG-RAN)) may interface with 5GC 190 through second backhaul links 184. BSs 102 may communicate directly or indirectly (e.g., through the EPC 160 or 5GC 190) with each other over third backhaul links 134 (e.g., X2 interface), which may be wired or wireless.
[0040]Wireless communications network 100 may subdivide the electromagnetic spectrum into various classes, bands, channels, or other features. In some aspects, the subdivision is provided based on wavelength and frequency, where frequency may also be referred to as a carrier, a subcarrier, a frequency channel, a tone, or a subband. For example, 3GPP currently defines Frequency Range 1 (FR1) as including 600 MHz-6 GHz, which is often referred to (interchangeably) as “Sub-6 GHz”. Similarly, 3GPP currently defines Frequency Range 2 (FR2) as including 26-41 GHz, which is sometimes referred to (interchangeably) as a “millimeter wave” (“mmW” or “mm Wave”). A BS configured to communicate using mm Wave/near mm Wave radio frequency bands (e.g., a mm Wave BS such as BS 180) may utilize beamforming (e.g., 182) with a UE (e.g., 104) to improve path loss and range.
[0041]The communications links 120 between BSs 102 and, for example, UEs 104, may be through one or more carriers, which may have different bandwidths (e.g., 5, 10, 15, 20, 100, 400, and/or other MHz), and which may be aggregated in various aspects. Carriers may or may not be adjacent to each other. Allocation of carriers may be asymmetric with respect to DL and UL (e.g., more or fewer carriers may be allocated for DL than for UL).
[0042]Communications using higher frequency bands may have higher path loss and a shorter range compared to lower frequency communications. Accordingly, certain BSs (e.g., 180 in
[0043]Wireless communications network 100 further includes a Wi-Fi AP 150 in communication with Wi-Fi stations (STAs) 152 via communications links 154 in, for example, a 2.4 GHz and/or 5 GHz unlicensed frequency spectrum.
[0044]Certain UEs 104 may communicate with each other using device-to-device (D2D) communications link 158. D2D communications link 158 may use one or more sidelink channels, such as a physical sidelink broadcast channel (PSBCH), a physical sidelink discovery channel (PSDCH), a physical sidelink shared channel (PSSCH), a physical sidelink control channel (PSCCH), and/or a physical sidelink feedback channel (PSFCH).
[0045]EPC 160 may include various functional components, including: a Mobility Management Entity (MME) 162, other MMEs 164, a Serving Gateway 166, a Multimedia Broadcast Multicast Service (MBMS) Gateway 168, a Broadcast Multicast Service Center (BM-SC) 170, and/or a Packet Data Network (PDN) Gateway 172, such as in the depicted example. MME 162 may be in communication with a Home Subscriber Server (HSS) 174. MME 162 is the control node that processes the signaling between the UEs 104 and the EPC 160. Generally, MME 162 provides bearer and connection management.
[0046]Generally, user Internet protocol (IP) packets are transferred through Serving Gateway 166, which itself is connected to PDN Gateway 172. PDN Gateway 172 provides UE IP address allocation as well as other functions. PDN Gateway 172 and the BM-SC 170 are connected to IP Services 176, which may include, for example, the Internet, an intranet, an IP Multimedia Subsystem (IMS), a Packet Switched (PS) streaming service, and/or other IP services.
[0047]BM-SC 170 may provide functions for MBMS user service provisioning and delivery. BM-SC 170 may serve as an entry point for content provider MBMS transmission, may be used to authorize and initiate MBMS Bearer Services within a public land mobile network (PLMN), and/or may be used to schedule MBMS transmissions. MBMS Gateway 168 may be used to distribute MBMS traffic to the BSs 102 belonging to a Multicast Broadcast Single Frequency Network (MBSFN) area broadcasting a particular service, and/or may be responsible for session management (start/stop) and for collecting eMBMS related charging information.
[0048]5GC 190 may include various functional components, including: an Access and Mobility Management Function (AMF) 192, other AMFs 193, a Session Management Function (SMF) 194, and a User Plane Function (UPF) 195. AMF 192 may be in communication with Unified Data Management (UDM) 196.
[0049]AMF 192 is a control node that processes signaling between UEs 104 and 5GC 190. AMF 192 provides, for example, quality of service (QoS) flow and session management.
[0050]Internet protocol (IP) packets are transferred through UPF 195, which is connected to the IP Services 197, and which provides UE IP address allocation as well as other functions for 5GC 190. IP Services 197 may include, for example, the Internet, an intranet, an IMS, a PS streaming service, and/or other IP services.
[0051]Wireless communication network 100 further includes reconfigurable intelligent surface (RIS) component 198, which may be configured to perform methods 1700 of
[0052]In various aspects, a network entity or network node can be implemented as an aggregated BS, as a disaggregated BS, a component of a BS, an integrated access and backhaul (IAB) node, a relay node, a sidelink node, to name a few examples.
[0053]
[0054]Each of the units, e.g., the CUS 210, the DUs 230, the RUs 240, as well as the Near-RT RICs 225, the Non-RT RICs 215 and the SMO Framework 205, may include one or more interfaces or be coupled to one or more interfaces configured to receive or transmit signals, data, or information (collectively, signals) via a wired or wireless transmission medium. Each of the units, or an associated processor or controller providing instructions to the communications interfaces of the units, can be configured to communicate with one or more of the other units via the transmission medium. For example, the units can include a wired interface configured to receive or transmit signals over a wired transmission medium to one or more of the other units. Additionally or alternatively, the units can include a wireless interface, which may include a receiver, a transmitter or transceiver (such as a radio frequency (RF) transceiver), configured to receive or transmit signals, or both, over a wireless transmission medium to one or more of the other units.
[0055]In some aspects, the CU 210 may host one or more higher layer control functions. Such control functions can include radio resource control (RRC), packet data convergence protocol (PDCP), service data adaptation protocol (SDAP), or the like. Each control function can be implemented with an interface configured to communicate signals with other control functions hosted by the CU 210. The CU 210 may be configured to handle user plane functionality (e.g., Central Unit-User Plane (CU-UP)), control plane functionality (e.g., Central Unit-Control Plane (CU-CP)), or a combination thereof. In some implementations, the CU 210 can be logically split into one or more CU-UP units and one or more CU-CP units. The CU-UP unit can communicate bidirectionally with the CU-CP unit via an interface, such as the E1 interface when implemented in an O-RAN configuration. The CU 210 can be implemented to communicate with the DU 230, as necessary, for network control and signaling.
[0056]The DU 230 may correspond to a logical unit that includes one or more BS functions to control the operation of one or more RUs 240. In some aspects, the DU 230 may host one or more of a radio link control (RLC) layer, a medium access control (MAC) layer, and one or more high physical (PHY) layers (such as modules for forward error correction (FEC) encoding and decoding, scrambling, modulation and demodulation, or the like) depending, at least in part, on a functional split, such as those defined by the 3rd Generation Partnership Project (3GPP). In some aspects, the DU 230 may further host one or more low PHY layers. Each layer (or module) can be implemented with an interface configured to communicate signals with other layers (and modules) hosted by the DU 230, or with the control functions hosted by the CU 210.
[0057]Lower-layer functionality can be implemented by one or more RUs 240. In some deployments, an RU 240, controlled by a DU 230, may correspond to a logical node that hosts RF processing functions, or low-PHY layer functions (such as performing fast Fourier transform (FFT), inverse FFT (iFFT), digital beamforming, physical random access channel (PRACH) extraction and filtering, or the like), or both, based at least in part on the functional split, such as a lower layer functional split. In such an architecture, the RU(s) 240 can be implemented to handle over the air (OTA) communications with one or more UEs 104. In some implementations, real-time and non-real-time aspects of control and user plane communications with the RU(s) 240 can be controlled by the corresponding DU 230. In some scenarios, this configuration can enable the DU(s) 230 and the CU 210 to be implemented in a cloud-based RAN architecture, such as a vRAN architecture.
[0058]The SMO Framework 205 may be configured to support RAN deployment and provisioning of non-virtualized and virtualized network elements. For non-virtualized network elements, the SMO Framework 205 may be configured to support the deployment of dedicated physical resources for RAN coverage requirements which may be managed via an operations and maintenance interface (such as an O1 interface). For virtualized network elements, the SMO Framework 205 may be configured to interact with a cloud computing platform (such as an open cloud (O-Cloud) 290) to perform network element life cycle management (such as to instantiate virtualized network elements) via a cloud computing platform interface (such as an O2 interface). Such virtualized network elements can include, but are not limited to, CUs 210, DUs 230, RUs 240 and Near-RT RICs 225. In some implementations, the SMO Framework 205 can communicate with a hardware aspect of a 4G RAN, such as an open eNB (O-eNB) 211, via an O1 interface. Additionally, in some implementations, the SMO Framework 205 can communicate directly with one or more RUs 240 via an O1 interface. The SMO Framework 205 also may include a Non-RT RIC 215 configured to support functionality of the SMO Framework 205.
[0059]The Non-RT RIC 215 may be configured to include a logical function that enables non-real-time control and optimization of RAN elements and resources, Artificial Intelligence/Machine Learning (AI/ML) workflows including model training and updates, or policy-based guidance of applications/features in the Near-RT RIC 225. The Non-RT RIC 215 may be coupled to or communicate with (such as via an A1 interface) the Near-RT RIC 225. The Near-RT RIC 225 may be configured to include a logical function that enables near-real-time control and optimization of RAN elements and resources via data collection and actions over an interface (such as via an E2 interface) connecting one or more CUs 210, one or more DUs 230, or both, as well as an O-eNB, with the Near-RT RIC 225.
[0060]In some implementations, to generate AI/ML models to be deployed in the Near-RT RIC 225, the Non-RT RIC 215 may receive parameters or external enrichment information from external servers. Such information may be utilized by the Near-RT RIC 225 and may be received at the SMO Framework 205 or the Non-RT RIC 215 from non-network data sources or from network functions. In some examples, the Non-RT RIC 215 or the Near-RT RIC 225 may be configured to tune RAN behavior or performance. For example, the Non-RT RIC 215 may monitor long-term trends and patterns for performance and employ AI/ML models to perform corrective actions through the SMO Framework 205 (such as reconfiguration via O1) or via creation of RAN management policies (such as A1 policies).
[0061]
[0062]Generally, BS 102 includes various processors (e.g., 320, 330, 338, and 340), antennas 334a-t (collectively 334), transceivers 332a-t (collectively 332), which include modulators and demodulators, and other aspects, which enable wireless transmission of data (e.g., data source 312) and wireless reception of data (e.g., data sink 339). For example, BS 102 may send and receive data between BS 102 and UE 104. BS 102 includes controller/processor 340, which may be configured to implement various functions described herein related to wireless communications.
[0063]BS 102 includes controller/processor 340, which may be configured to implement various functions related to wireless communications. In the depicted example, controller/processor 340 includes RIS component 341, which may be representative of RIS component 199 of
[0064]Generally, UE 104 includes various processors (e.g., 358, 364, 366, and 380), antennas 352a-r (collectively 352), transceivers 354a-r (collectively 354), which include modulators and demodulators, and other aspects, which enable wireless transmission of data (e.g., retrieved from data source 362) and wireless reception of data (e.g., provided to data sink 360). UE 104 includes controller/processor 380, which may be configured to implement various functions described herein related to wireless communications.
[0065]UE 104 includes controller/processor 380, which may be configured to implement various functions related to wireless communications. In the depicted example, controller/processor 380 includes RIS component 381, which may be representative of RIS component 198 of
[0066]In regards to an example downlink transmission, BS 102 includes a transmit processor 320 that may receive data from a data source 312 and control information from a controller/processor 340. The control information may be for the physical broadcast channel (PBCH), physical control format indicator channel (PCFICH), physical HARQ indicator channel (PHICH), physical downlink control channel (PDCCH), group common PDCCH (GC PDCCH), and/or others. The data may be for the physical downlink shared channel (PDSCH), in some examples.
[0067]Transmit processor 320 may process (e.g., encode and symbol map) the data and control information to obtain data symbols and control symbols, respectively. Transmit processor 320 may also generate reference symbols, such as for the primary synchronization signal (PSS), secondary synchronization signal (SSS), PBCH demodulation reference signal (DMRS), and channel state information reference signal (CSI-RS).
[0068]Transmit (TX) multiple-input multiple-output (MIMO) processor 330 may perform spatial processing (e.g., precoding) on the data symbols, the control symbols, and/or the reference symbols, if applicable, and may provide output symbol streams to the modulators (MODs) in transceivers 332a-332t. Each modulator in transceivers 332a-332t may process a respective output symbol stream to obtain an output sample stream. Each modulator may further process (e.g., convert to analog, amplify, filter, and upconvert) the output sample stream to obtain a downlink signal. Downlink signals from the modulators in transceivers 332a-332t may be transmitted via the antennas 334a-334t, respectively.
[0069]In order to receive the downlink transmission, UE 104 includes antennas 352a-352r that may receive the downlink signals from the BS 102 and may provide received signals to the demodulators (DEMODs) in transceivers 354a-354r, respectively. Each demodulator in transceivers 354a-354r may condition (e.g., filter, amplify, downconvert, and digitize) a respective received signal to obtain input samples. Each demodulator may further process the input samples to obtain received symbols.
[0070]MIMO detector 356 may obtain received symbols from all the demodulators in transceivers 354a-354r, perform MIMO detection on the received symbols if applicable, and provide detected symbols. Receive processor 358 may process (e.g., demodulate, deinterleave, and decode) the detected symbols, provide decoded data for the UE 104 to a data sink 360, and provide decoded control information to a controller/processor 380.
[0071]In regards to an example uplink transmission, UE 104 further includes a transmit processor 364 that may receive and process data (e.g., for the PUSCH) from a data source 362 and control information (e.g., for the physical uplink control channel (PUCCH)) from the controller/processor 380. Transmit processor 364 may also generate reference symbols for a reference signal (e.g., for the sounding reference signal (SRS)). The symbols from the transmit processor 364 may be precoded by a TX MIMO processor 366 if applicable, further processed by the modulators in transceivers 354a-354r (e.g., for SC-FDM), and transmitted to BS 102.
[0072]At BS 102, the uplink signals from UE 104 may be received by antennas 334a-t, processed by the demodulators in transceivers 332a-332t, detected by a MIMO detector 336 if applicable, and further processed by a receive processor 338 to obtain decoded data and control information sent by UE 104. Receive processor 338 may provide the decoded data to a data sink 339 and the decoded control information to the controller/processor 340.
[0073]Memories 342 and 382 may store data and program codes for BS 102 and UE 104, respectively.
[0074]Scheduler 344 may schedule UEs for data transmission on the downlink and/or uplink.
[0075]In various aspects, BS 102 may be described as transmitting and receiving various types of data associated with the methods described herein. In these contexts, “transmitting” may refer to various mechanisms of outputting data, such as outputting data from data source 312, scheduler 344, memory 342, transmit processor 320, controller/processor 340, TX MIMO processor 330, transceivers 332a-t, antenna 334a-t, and/or other aspects described herein. Similarly, “receiving” may refer to various mechanisms of obtaining data, such as obtaining data from antennas 334a-t, transceivers 332a-t, RX MIMO detector 336, controller/processor 340, receive processor 338, scheduler 344, memory 342, and/or other aspects described herein.
[0076]In various aspects, UE 104 may likewise be described as transmitting and receiving various types of data associated with the methods described herein. In these contexts, “transmitting” may refer to various mechanisms of outputting data, such as outputting data from data source 362, memory 382, transmit processor 364, controller/processor 380, TX MIMO processor 366, transceivers 354a-t, antenna 352a-t, and/or other aspects described herein. Similarly, “receiving” may refer to various mechanisms of obtaining data, such as obtaining data from antennas 352a-t, transceivers 354a-t, RX MIMO detector 356, controller/processor 380, receive processor 358, memory 382, and/or other aspects described herein.
[0077]In some aspects, a processor may be configured to perform various operations, such as those associated with the methods described herein, and transmit (output) to or receive (obtain) data from another interface that is configured to transmit or receive, respectively, the data.
[0078]
[0079]In particular,
[0080]Wireless communications systems may utilize orthogonal frequency division multiplexing (OFDM) with a cyclic prefix (CP) on the uplink and downlink. Such systems may also support half-duplex operation using time division duplexing (TDD). OFDM and single-carrier frequency division multiplexing (SC-FDM) partition the system bandwidth (e.g., as depicted in
[0081]A wireless communications frame structure may be frequency division duplex (FDD), in which, for a particular set of subcarriers, subframes within the set of subcarriers are dedicated for either DL or UL. Wireless communications frame structures may also be time division duplex (TDD), in which, for a particular set of subcarriers, subframes within the set of subcarriers are dedicated for both DL and UL.
[0082]In
[0083]In certain aspects, the number of slots within a subframe is based on a slot configuration and a numerology. For example, for slot configuration 0, different numerologies (μ) 0 to 5 allow for 1, 2, 4, 8, 16, and 32 slots, respectively, per subframe. For slot configuration 1, different numerologies 0 to 2 allow for 2, 4, and 8 slots, respectively, per subframe. Accordingly, for slot configuration 0 and numerology μ, there are 14 symbols/slot and 2μ slots/subframe. The subcarrier spacing and symbol length/duration are a function of the numerology. The subcarrier spacing may be equal to 2μ×15 kHz, where u is the numerology 0 to 5. As such, the numerology μ=0 has a subcarrier spacing of 15 kHz and the numerology μ=5 has a subcarrier spacing of 480 kHz. The symbol length/duration is inversely related to the subcarrier spacing.
[0084]As depicted in
[0085]As illustrated in
[0086]
[0087]A primary synchronization signal (PSS) may be within symbol 2 of particular subframes of a frame. The PSS is used by a UE (e.g., 104 of
[0088]A secondary synchronization signal (SSS) may be within symbol 4 of particular subframes of a frame. The SSS is used by a UE to determine a physical layer cell identity group number and radio frame timing.
[0089]Based on the physical layer identity and the physical layer cell identity group number, the UE can determine a physical cell identifier (PCI). Based on the PCI, the UE can determine the locations of the aforementioned DMRS. The physical broadcast channel (PBCH), which carries a master information block (MIB), may be logically grouped with the PSS and SSS to form a synchronization signal (SS)/PBCH block. The MIB provides a number of RBs in the system bandwidth and a system frame number (SFN). The physical downlink shared channel (PDSCH) carries user data, broadcast system information not transmitted through the PBCH such as system information blocks (SIBs), and/or paging messages.
[0090]As illustrated in
[0091]
Introduction to mmWave Wireless Communications
[0092]In wireless communications, an electromagnetic spectrum is often subdivided into various classes, bands, channels, or other features. The subdivision is often provided based on wavelength and frequency, where frequency may also be referred to as a carrier, a subcarrier, a frequency channel, a tone, or a subband.
[0093]5th generation (5G) networks may utilize several frequency ranges, which in some cases are defined by a standard, such as 3rd generation partnership project (3GPP) standards. For example, 3GPP technical standard TS 38.101 currently defines Frequency Range 1 (FR1) as including 600 MHz-6 GHz, though specific uplink and downlink allocations may fall outside of this general range. Thus, FR1 is often referred to (interchangeably) as a “Sub-6 GHz” band.
[0094]Similarly, TS 38.101 currently defines Frequency Range 2 (FR2) as including 26-41 GHz, though again specific uplink and downlink allocations may fall outside of this general range. FR2, is sometimes referred to (interchangeably) as a “millimeter wave” (“mmW” or “mmWave”) band, despite being different from the extremely high frequency (EHF) band (30 GHz-300 GHz) that is identified by the International Telecommunications Union (ITU) as a “millimeter wave” band because wavelengths at these frequencies are between 1 millimeter and 10 millimeters.
[0095]Communications using mm Wave/near mm Wave radio frequency band (e.g., 3 GHz-300 GHz) may have higher path loss and a shorter range compared to lower frequency communications. As described above with respect to
Overview of Layer 2 (L2) of New Radio (NR) Protocol Stock
[0096]New radio (NR) protocol stack has two categories: 1) control-plane stack, and 2) user-plane stack. If data corresponds to signaling or controlling message, then the data is sent through the control-plane. User data is sent through the user-plane.
[0097]User-plane protocol stock (e.g., layer 2 (L2)) of NR is split into sub layers such as a service data adaptation protocol (SDAP) layer, a packet data convergence protocol (PDCP) layer, a radio link control (RLC) layer, and a medium access control (MAC) layer. In NR, carrier aggregation is supported, and data for each carrier may be processed independently in the SDAP layer, the PDCP layer, the RLC layer and is multiplexed in the MAC layer.
[0098]The SDAP layer may perform mapping between a quality of service (QoS) flow (e.g., associated with one or more packets (e.g., protocol data units (PDUs)) and a data radio bearer (DRB) (e.g., due to QoS framework). The SDAP layer may also perform marking QoS flow ID (QFI) in both downlink and uplink packets (e.g., downlink due to reflective QoS and uplink due to QoS framework). A single protocol entity of SDAP is configured for each individual protocol data unit (PDU) session.
[0099]The PDCP layer may perform header compression and decompression of internet protocol (IP) data (e.g., robust header compression (ROHC)), maintain PDCP sequence numbers (SNs), perform in-sequence delivery of upper layer PDUs at re-establishment of lower layers, perform reordering and eliminate duplicates of lower layer service data units (SDUs), execute PDCP PDU routing for the case of split bearers, execute retransmission of lower layer SDUs, cipher and decipher control plane and user-plane data, perform integrity protection and integrity verification of control plane and user plane data, control timer-based discard of data, and perform security operations (e.g., ciphering, deciphering, integrity protection, integrity verification, etc.).
[0100]The RLC layer may operate in a plurality of modes of operation including transparent mode (TM), unacknowledged mode (UM), and acknowledged mode (AM). The RLC layer may perform transfer of upper layer PDUs error correction through automatic repeat request (ARQ) for AM data transfers, and segmentation and reassembly of RLC SDUs for UM and AM data transfers. The RLC layer may maintain SNs independent of the ones in PDCP for UM and AM data transfers. The RLC layer may perform resegmentation of RLC data PDUs for AM data transfers, detect duplicate data for AM data transfers, discard RLC SDUs for UM and AM data transfers, detect protocol errors for AM data transfers, and/or perform RLC re-establishment.
[0101]The MAC layer may perform mapping between logical channels and transport channels, multiplexing of MAC SDUs from one or more logical channels onto transport blocks (TB) to be delivered to a physical (PHY) layer via transport channels, de-multiplexing MAC SDUs to one or more logical channels from TB delivered from the PHY layer via the transport channels, scheduling information reporting, error correction through hybrid automatic repeat request (HARQ), priority handling between user equipments (UEs) by means of dynamic scheduling, priority handling between logical channels of one UE by means of logical channel prioritization, and/or padding.
[0102]The PHY layer sits at a bottom of the NR protocol stack, interfacing to a MAC sublayer higher up via transport channels. The PHY layer provides its services to the MAC layer. The PHY layer supports downlink (gNB-to-UE), uplink (UE-to-gNB) and sidelink (UE-to-UE) communications.
Overview of Massive Multiple Input Multiple Output (MIMO)
[0103]5th generation (5G) new radio (NR) massive multiple input multiple output (MIMO) is an extension of MIMO, which groups together antennas (e.g., at a transmitter device and a receiver device) to provide better throughput and spectrum efficiency. The massive MIMO expands beyond conventional systems by adding a much higher number of antennas. The higher number of antennas helps focus energy, which brings drastic improvements in throughput and efficiency. Along with the increased number of antennas, both network and user equipments (UEs) implement more complex designs to coordinate MIMO operations. The benefits of the massive MIMO to the network and the UEs may include increased network capacity and improved coverage.
[0104]Although there are several benefits of the massive MIMO, there are also some challenges associated with the massive MIMO. For example, since a high beamforming gain is achieved by using active antenna units (AAUs), which may include power consuming hardware (e.g., individual radio frequency (RF) chains per antenna port), there is a significant increase in power consumption due to the use of AAUs.
Overview of Reconfigurable Intelligent Surface (RIS)
[0105]As noted above, massive multiple input multiple output (MIMO) configuration increases throughput. For example, MIMO may achieve a high beamforming gain by using active antenna units (AAUs) and may operate with individual radio frequency (RF) chains for each antenna port. Unfortunately, the use of the AAUs may significantly increase power consumption.
[0106]To further such advantages and extend coverage, reconfigurable (or reflective) intelligent surfaces (RISs) may be deployed to reflect impinging beams/signals in desired directions. In some cases, the RISs may operate without the substantial power consumption when operating passively to only reflect or refract signals from a transmitter device towards a receiver device. In some cases, the reflection or refraction direction may be controlled by a network entity or a monitoring user equipment (UE).
[0107]
[0108]
[0109]In some cases, an RIS may be a full-duplex (FD) device. FD communication allows for simultaneous transmission between devices. Half-duplex (HD) communication flows in one direction at a time. In operation, the RIS may immediately reflect a received signal from a transmitter device to a receiver device.
[0110]In some cases, an RIS may perform passive beamforming. For example, the RIS may receive signal power from a transmitter device proportional to a number of elements such as RIS elements of the RIS. When the RIS reflects or refracts a radio signal, one or more RIS elements may cause phase shifts to perform the beamforming or precoding. The phase shifts may be based on precoding weights (e.g., a multiplier or an offset of a time delay) applied to the one or more RIS elements. In some cases, for an array of RIS elements of the RIS, an RIS controller of the RIS may generate or specify a precoding weight for each RIS element.
[0111]In some RIS-based wireless communications systems, as illustrated in
[0112]In wireless communications systems, secure communications are important. Secure communication is when two devices are communicating and do not want a third party device to listen in. For this to be the case, the devices need to communicate in a way that is unsusceptible to eavesdropping or interception. To enable the secure communications, communication channels and/or devices of the wireless communications systems are protected. However, in some wireless communications systems, the communication channels and/or the devices may not be protected, which may result in insecure communications. For example, in an RIS-based wireless communications system illustrated in
Aspects Related to Security Signature Added by RIS Controller on RIS Surface
[0113]Aspects of the present disclosure provide apparatuses, methods, processing systems, and computer-readable mediums for managing secure communications in a reconfigurable intelligent surface (RIS) based wireless communications system.
[0114]For example, to improve physical (PHY) layer security, a controller of an RIS, a user equipment (UE), and/or a network entity of the RIS-based wireless communications system may agree on a secret-key. The controller may receive a signal from a transmitter device such as the network entity. The controller may add a secret-key based random signature (e.g., apply random amplitude or phase) to the received signal, which is then reflected from a surface of the RIS towards a receiver device such as the UE. Since the UE also has the secret-key, the UE is able to decode the received signal from the RIS based on the secret-key. In some cases, if the RIS reflects the signal towards an illegitimate receiver device, the illegitimate receiver device will not be able to decode the received signal since the illegitimate receiver device does not have the secret-key. The signal maybe a data signal or a reference signal (e.g., channel state information (CSI)-reference signal, demodulation reference signal, etc.).
[0115]Techniques proposed herein enable secure communications and may be understood with reference to
[0116]As illustrated in
[0117]In certain aspects, the signaling may be layer 1, layer 2, or layer 3 signaling. In certain aspects, the network entity may be a pico cell, a micro cell, a macro cell, a relay node, an integrated access and backhaul (IAB) node, a radio access network (RAN) node, or a non-RAN node.
[0118]In certain aspects, the network entity may determine one or more secret-keys (e.g., the first secret-key, a second secret-key, a third secret-key, and a fourth secret-key). Some of these secret-keys may be same or different from each other. In certain aspects, the network entity along with the controller and a UE (e.g., such as UE 104 in wireless communication network 100 of
[0119]In certain aspects, the UE may be a sidelink UE, a programmable logic controller (PLC), a remote UE, or a customer premise equipment (CPE).
[0120]At 1104, the network entity sends the signaling indicating the first secret-key to the UE. In certain aspects, the network entity may send the signaling indicating the configuration for the security signature to the UE.
[0121]At 1106, the controller configures the RIS according to the security signature. For example, by indication of a secure mode to the controller and other wireless nodes (e.g., the UE), to improve PHY layer security, the controller may add the first secret-key based random signature to a reflected signal from a surface of the RIS (i.e., add the first secret-key based random signature to one or more beams generated by the controller).
[0122]In certain aspects, the controller may select an RIS beamformer from a set of RIS beamformers, in accordance with the security signature. For example, the controller may set a random RIS beamformer and/or RIS configuration (e.g., phase, amplitude, etc. of RIS elements) of the RIS. In another example, the controller may randomly select the random RIS beamformer from the set of RIS beamformers, which may result in a good performance for a legitimate receiver device (e.g., the UE) receiving and decoding a signal from the controller.
[0123]In certain aspects, the controller may select at least one of an amplitude value or a phase value of one or more elements of the RIS, in accordance with the security signature. For example, the controller may set a random amplitude value and/or the phase value (e.g., a complex scale of these values) on the surface of the RIS. The surface may include multiple RIS elements.
[0124]In certain aspects, the controller may change at least one of the amplitude value or the phase value of the one or more elements of the RIS over a duration of at least one symbol, in accordance with the security signature. For example, a single complex scale (e.g., phase, amplitude, etc.) across all the RIS elements on the surface of the RIS may change slowly (e.g., over at least one orthogonal frequency division multiplexing (OFDM) symbol duration). In some cases, the RIS configuration Φ(t)=Φ0×α(t)ej2πf
[0125]In certain aspects, the controller may change at least one of the amplitude value or the phase value of the one or more elements of the RIS within a first duration of a symbol or a second duration between two symbols, in accordance with the security signature. For example, the single complex scale across all the RIS elements on the surface of the RIS may change quickly (e.g., within a single OFDM symbol duration or from one OFDM symbol to other OFDM symbol) and may result in a frequency error on an entire data block or each piece of data block. In some cases, when Φ(t)=Φ0×α(t)ej2πf
[0126]In certain aspects, the controller may change at least one of the amplitude value or the phase value of the one or more elements of the RIS each sample time, in accordance with the security signature. For example, a random complex scale (e.g., phase, amplitude, etc. of RIS elements) may change each sample time, i.e., Φ(t)=Φ0×α(t)ejγ(t) where γ(t) is a random phase that changes each t and α(t) is a random amplitude that changes each t.
[0127]In certain aspects, the controller may change at least one of the amplitude value or the phase value of the one or more elements of the RIS every block of symbols, in accordance with the security signature. For example, the security signature may change every sample or a block of symbols. In this case, |α(t)ejγ(t)|=|α(t) cos(γ(t))+jα(t)sin(γ(t)|=α(t). α(t)=1 and γ(t) either It or zero every t or every interval t1 to t2 or every OFDM symbol duration or a set of OFDM symbols. α(t)∈{−1,1} and γ(t)=0 every t or every interval t1 to t2 or every OFDM symbol duration.
[0128]In certain aspects, the controller may change the phase value of the one or more elements of the RIS based on the first secret-key and the amplitude value of the one or more elements of the RIS based on the second secret-key. For example, amplitude α(t) may be generated based on the second secret-key, and the first secret-key may be used to generate phase change ι(t) or fx where x={0,1,2 . . . }. The legitimate receiver device such as the UE may remove these complex values (e.g., the amplitude and phase values) before decoding received signals, since the legitimate receiver device may know the complex values. In some cases, decoding of the received signals at an illegitimate receiver device (e.g., which does not have the first secret-key) may not be possible since these complex values may not be known to the illegitimate receiver device and as a result coherent detection is not possible.
[0129]In certain aspects, the controller may randomly turn ON or OFF one or more elements of the RIS, in accordance with the security signature. The controller may select at least one of an amplitude value or a phase value of the one or more elements that are turned ON, in accordance with the security signature.
[0130]In certain aspects, the controller may randomly turn ON or OFF one or more other RISs in accordance with the security signature. The controller may select at least one of an amplitude value or a phase value of one or more elements of the one or more other RISs that are turned ON, in accordance with the security signature. For example, when there are multiple RISs controlled by one or more controllers, the controller may randomly set one or more RISs or RIS elements ON/OFF and/or select complex values/phase ramps to be used on each RIS/RIS element, based on one or more secret-keys. In one example, the controller may use the first secret-key to set the one or more RISs ON or OFF. In another example, the controller may use the second secret-key to set RIS elements within an RIS ON or OFF. In another example, the controller may use the third secret-key for complex parameter change (alpha(t) and gamma(t)) of the RIS. In another example, the controller may use the fourth secret-key to determine how fast parameters (such as amplitude and phase) of the RIS may change.
[0131]In certain aspects, the network entity may beamform different signals on different resource elements (REs). The different signals may be one or more data signals and one or more artificial noise (AN) signals.
[0132]For example, at 1108, the network entity transmits the one or more data signals. In one example, as illustrated in
[0133]Referring back to
[0134]In certain aspects, the first subset of REs may be same as the second subset of REs.
[0135]In certain aspects, the network entity may transmit the AN signal orthogonal to a direction of the UE. For example, the AN signal may be beamformed orthogonal to a direction of the legitimate UE, but still generated based on the first secret-key, so that any potential residual interference can be removed.
[0136]In certain aspects, as illustrated in option A of
[0137]In certain aspects, the network entity may transmit the AN signal in a same direction as other AN signals. For example, as illustrated in option B of
[0138]In certain aspects, the network entity may transmit the AN signal on non-used REs of the set of REs. For example, as illustrated in
[0139]In certain aspects, as further illustrated in
[0140]Referring back to
[0141]In certain aspects, the time phase ramp and/or a location of the data signal and/or the AN signal are agreed among the network entity, the UE, and/or the controller. For example, the network entity, the UE, and/or the controller may determine and agree on the time phase ramp to be used at the controller and where the data and AN signals are located, to align all these signals for the UE to decode.
[0142]At 1114, the UE decodes the received data signal and the received AN signal, in accordance with the first secret-key. For example, during the decoding process, the UE may cancel the received AN signal since the UE knows the first secret-key, which was used to generate the AN signal.
Example Operations of a Controller
[0143]
[0144]Method 1700 begins at step 1705 with obtaining, from a network entity, signaling indicating a configuration for a security signature for at least one RIS. In some cases, the operations of this step refer to, or may be performed by, circuitry for obtaining and/or code for obtaining as described with reference to
[0145]Method 1700 then proceeds to step 1710 with configuring the at least one RIS according to the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for configuring and/or code for configuring as described with reference to
[0146]In some aspects, the security signature is a random signature based on a first secret-key.
[0147]In some aspects, the first secret-key is agreed among at least two of the controller, the network entity, and a UE.
[0148]In some aspects, the method 1700 further includes obtaining a data signal from the network entity. In some cases, the operations of this step refer to, or may be performed by, circuitry for obtaining and/or code for obtaining as described with reference to
[0149]In some aspects, the method 1700 further includes applying a time phase ramp to shift a frequency domain of the data signal to overlap or align with a frequency domain of another signal, and wherein the other signal is AN signal. In some cases, the operations of this step refer to, or may be performed by, circuitry for applying and/or code for applying as described with reference to
[0150]In some aspects, the obtaining comprises obtaining the data signal from the network entity on a first subset of REs of a set of REs; the AN signal is obtained via a second subset of REs of the set of REs; and/or the AN signal is also based on the first secret-key.
[0151]In some aspects, at least one of the time phase ramp or a location of the data signal and the AN signal are agreed among the network entity, the UE, and the controller.
[0152]In some aspects, the method 1700 further includes selecting an RIS beamformer from a set of RIS beamformers, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for selecting and/or code for selecting as described with reference to
[0153]In some aspects, the method 1700 further includes selecting at least one of an amplitude value or a phase value of one or more elements of the at least one RIS, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for selecting and/or code for selecting as described with reference to
[0154]In some aspects, the method 1700 further includes changing at least one of the amplitude value or the phase value over a duration of at least one symbol, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0155]In some aspects, the method 1700 further includes changing at least one of the amplitude value or the phase value within a first duration of a symbol or a second duration between two symbols, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0156]In some aspects, the method 1700 further includes changing at least one of the amplitude value or the phase value each sample time, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0157]In some aspects, the method 1700 further includes changing at least one of the amplitude value or the phase value every block of symbols, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0158]In some aspects, the method 1700 further includes changing the phase value based on the first secret-key. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0159]In some aspects, the method 1700 further includes changing the amplitude value across based on a second secret-key, wherein the second secret-key is different than the first secret-key. In some cases, the operations of this step refer to, or may be performed by, circuitry for changing and/or code for changing as described with reference to
[0160]In some aspects, the method 1700 further includes randomly turning ON or OFF one or more elements of the at least one RIS, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for configuring and/or code for configuring as described with reference to
[0161]In some aspects, the method 1700 further includes selecting at least one of an amplitude value or a phase value of the one or more elements that are turned ON, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for selecting and/or code for selecting as described with reference to
[0162]In some aspects, the method 1700 further includes randomly turning ON or OFF one or more other RISs in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for configuring and/or code for configuring as described with reference to
[0163]In some aspects, the method 1700 further includes selecting at least one of an amplitude value or a phase value of one or more elements of the one or more other RISs that are turned ON, in accordance with the security signature. In some cases, the operations of this step refer to, or may be performed by, circuitry for selecting and/or code for selecting as described with reference to
[0164]In one aspect, method 1700, or any aspect related to it, may be performed by an apparatus, such as communications device 2000 of
[0165]Note that
Example Operations of a User Equipment
[0166]
[0167]Method 1800 begins at step 1805 with obtaining, from a network entity, signaling indicating a secret-key. In some cases, the operations of this step refer to, or may be performed by, circuitry for obtaining and/or code for obtaining as described with reference to
[0168]Method 1800 then proceeds to step 1810 with obtaining, from the network entity, AN signal. In some cases, the operations of this step refer to, or may be performed by, circuitry for obtaining and/or code for obtaining as described with reference to
[0169]Method 1800 then proceeds to step 1815 with obtaining, from the network entity, a data signal via an RIS. In some cases, the operations of this step refer to, or may be performed by, circuitry for obtaining and/or code for obtaining as described with reference to
[0170]Method 1800 then proceeds to step 1820 with decoding the obtained data signal and the obtained AN signal, in accordance with the secret-key. In some cases, the operations of this step refer to, or may be performed by, circuitry for decoding and/or code for decoding as described with reference to
[0171]In some aspects, the obtaining of the data signal further comprises applying a time phase ramp to shift a frequency domain of the data signal to overlap or align with a frequency domain of the AN signal.
[0172]In some aspects, the time phase ramp is based on the secret-key.
[0173]In some aspects, the secret-key is agreed among at least two of the network entity, the UE, and a controller of the RIS.
[0174]In some aspects, at least one of the time phase ramp or a location of the data signal and the AN signal is agreed among at least two of the network entity, the UE, and a controller of the RIS.
[0175]In some aspects, the obtaining of the data signal further includes obtaining the data signal from the network entity on a first subset of REs of a set of REs; and/or the obtaining of the AN signal further includes obtaining the AN signal from the network entity on a second subset of REs of the set of REs.
[0176]In some aspects, the decoding includes cancelling the obtained AN signal, in accordance with the secret-key.
[0177]In one aspect, method 1800, or any aspect related to it, may be performed by an apparatus, such as communications device 2100 of
[0178]Note that
Example Operations of a Network Entity
[0179]
[0180]Method 1900 begins at step 1905 with determining a secret-key shared among at least two of the network entity, a UE, and a controller of at least one RIS. In some cases, the operations of this step refer to, or may be performed by, circuitry for determining and/or code for determining as described with reference to
[0181]Method 1900 then proceeds to step 1910 with generating AN signal, in accordance with the secret-key. In some cases, the operations of this step refer to, or may be performed by, circuitry for generating and/or code for generating as described with reference to
[0182]Method 1900 then proceeds to step 1915 with outputting the AN signal for transmission to the UE. In some cases, the operations of this step refer to, or may be performed by, circuitry for outputting and/or code for outputting as described with reference to
[0183]In some aspects, the method 1900 further includes outputting a data signal for transmission to the UE via the at least one RIS. In some cases, the operations of this step refer to, or may be performed by, circuitry for outputting and/or code for outputting as described with reference to
[0184]In some aspects, the outputting of the data signal further includes outputting the data signal on a first subset of REs of a set of REs; and/or the outputting of the AN signal includes outputting the AN signal on a second subset of REs of the set of REs.
[0185]In some aspects, the second subset of REs is the same as the first subset of REs.
[0186]In some aspects, the outputting of the AN signal includes outputting the AN signal on non-used REs.
[0187]In some aspects, the outputting of the AN signal includes outputting the AN signal orthogonal to a direction of the UE.
[0188]In some aspects, the outputting of the AN signal includes outputting the AN signal in a same direction as other AN signals.
[0189]In one aspect, method 1900, or any aspect related to it, may be performed by an apparatus, such as communications device 2200 of
[0190]Note that
Example Communications Devices
[0191]
[0192]The communications device 2000 includes a processing system 2005 coupled to the transceiver 2075 (e.g., a transmitter and/or a receiver). In some aspects (e.g., when communications device 2000 is a network entity), processing system 2005 may be coupled to a network interface 2085 that is configured to obtain and send signals for the communications device 2000 via communication link(s), such as a backhaul link, midhaul link, and/or fronthaul link as described herein, such as with respect to
[0193]The processing system 2005 includes one or more processors 2010. In various aspects, the one or more processors 2010 may be representative of one or more of receive processor 358, transmit processor 364, TX MIMO processor 366, and/or controller/processor 380, as described with respect to
[0194]In the depicted example, computer-readable medium/memory 2040 stores code (e.g., executable instructions), such as code for obtaining 2045, code for configuring 2050, code for selecting 2055, code for changing 2060, and code for applying 2065. Processing of the code for obtaining 2045, code for configuring 2050, code for selecting 2055, code for changing 2060, and code for applying 2065 may cause the communications device 2000 to perform the method 1700 described with respect to
[0195]The one or more processors 2010 include circuitry configured to implement (e.g., execute) the code stored in the computer-readable medium/memory 2040, including circuitry such as circuitry for obtaining 2015, circuitry for configuring 2020, circuitry for selecting 2025, circuitry for changing 2030, and circuitry for applying 2035. Processing with circuitry for obtaining 2015, circuitry for configuring 2020, circuitry for selecting 2025, circuitry for changing 2030, and circuitry for applying 2035 may cause the communications device 2000 to perform the method 1700 described with respect to
[0196]Various components of the communications device 2000 may provide means for performing the method 1700 described with respect to
[0197]
[0198]The communications device 2100 includes a processing system 2105 coupled to the transceiver 2145 (e.g., a transmitter and/or a receiver). The transceiver 2145 is configured to transmit and receive signals for the communications device 2100 via the antenna 2150, such as the various signals as described herein. The processing system 2105 may be configured to perform processing functions for the communications device 2100, including processing signals received and/or to be transmitted by the communications device 2100.
[0199]The processing system 2105 includes one or more processors 2110. In various aspects, the one or more processors 2110 may be representative of one or more of receive processor 358, transmit processor 364, TX MIMO processor 366, and/or controller/processor 380, as described with respect to
[0200]In the depicted example, computer-readable medium/memory 2125 stores code (e.g., executable instructions), such as code for obtaining 2130 and code for decoding 2135. Processing of the code for obtaining 2130 and code for decoding 2135 may cause the communications device 2100 to perform the method 1800 described with respect to
[0201]The one or more processors 2110 include circuitry configured to implement (e.g., execute) the code stored in the computer-readable medium/memory 2125, including circuitry such as circuitry for obtaining 2115 and circuitry for decoding 2120. Processing with circuitry for obtaining 2115 and circuitry for decoding 2120 may cause the communications device 2100 to perform the method 1800 described with respect to
[0202]Various components of the communications device 2100 may provide means for performing the method 1800 described with respect to
[0203]
[0204]The communications device 2200 includes a processing system 2205 coupled to the transceiver 2255 (e.g., a transmitter and/or a receiver) and/or a network interface 2265. The transceiver 2255 is configured to transmit and receive signals for the communications device 2200 via the antenna 2260, such as the various signals as described herein. The network interface 2265 is configured to obtain and send signals for the communications device 2200 via communication link(s), such as a backhaul link, midhaul link, and/or fronthaul link as described herein, such as with respect to
[0205]The processing system 2205 includes one or more processors 2210. In various aspects, one or more processors 2210 may be representative of one or more of receive processor 338, transmit processor 320, TX MIMO processor 330, and/or controller/processor 340, as described with respect to
[0206]In the depicted example, the computer-readable medium/memory 2230 stores code (e.g., executable instructions), such as code for determining 2235, code for generating 2240, and code for outputting 2245. Processing of the code for determining 2235, code for generating 2240, and code for outputting 2245 may cause the communications device 2200 to perform the method 1900 described with respect to
[0207]The one or more processors 2210 include circuitry configured to implement (e.g., execute) the code stored in the computer-readable medium/memory 2230, including circuitry such as circuitry for determining 2215, circuitry for generating 2220, and circuitry for outputting 2225. Processing with circuitry for determining 2215, circuitry for generating 2220, and circuitry for outputting 2225 may cause the communications device 2200 to perform the method 1900 as described with respect to
[0208]Various components of the communications device 2200 may provide means for performing the method 1900 as described with respect to
Example Clauses
[0209]Implementation examples are described in the following numbered clauses:
[0210]Clause 1: A method for wireless communications at a controller, comprising: obtaining, from a network entity, signaling indicating a configuration for a security signature for at least one RIS; and configuring the at least one RIS according to the security signature.
[0211]Clause 2: The method of Clause 1, wherein the security signature is a random signature based on a first secret-key.
[0212]Clause 3: The method of Clause 2, wherein the first secret-key is agreed among at least two of the controller, the network entity, and a UE.
[0213]Clause 4: The method of Clause 3, further comprising: obtaining a data signal from the network entity; and applying a time phase ramp to shift a frequency domain of the data signal to overlap or align with a frequency domain of another signal, and wherein the other signal is AN signal.
[0214]Clause 5: The method of Clause 4, wherein, at least one of: the obtaining comprises obtaining the data signal from the network entity on a first subset of REs of a set of REs; the AN signal is obtained via a second subset of REs of the set of REs; or the AN signal is also based on the first secret-key.
[0215]Clause 6: The method of Clause 4, wherein at least one of the time phase ramp or a location of the data signal and the AN signal are agreed among the network entity, the UE, and the controller.
[0216]Clause 7: The method of Clause 2, further comprising: selecting an RIS beamformer from a set of RIS beamformers, in accordance with the security signature.
[0217]Clause 8: The method of Clause 2, further comprising: selecting at least one of an amplitude value or a phase value of one or more elements of the at least one RIS, in accordance with the security signature.
[0218]Clause 9: The method of Clause 8, further comprising: changing at least one of the amplitude value or the phase value over a duration of at least one symbol, in accordance with the security signature.
[0219]Clause 10: The method of Clause 8, further comprising: changing at least one of the amplitude value or the phase value within a first duration of a symbol or a second duration between two symbols, in accordance with the security signature.
[0220]Clause 11: The method of Clause 8, further comprising: changing at least one of the amplitude value or the phase value each sample time, in accordance with the security signature.
[0221]Clause 12: The method of Clause 8, further comprising: changing at least one of the amplitude value or the phase value every block of symbols, in accordance with the security signature.
[0222]Clause 13: The method of Clause 8, further comprising: changing the phase value based on the first secret-key; and changing the amplitude value based on a second secret-key, wherein the second secret-key is different than the first secret-key.
[0223]Clause 14: The method of any one of Clauses 1-13, further comprising: randomly turning ON or OFF one or more elements of the at least one RIS, in accordance with the security signature; and selecting at least one of an amplitude value or a phase value of the one or more elements that are turned ON, in accordance with the security signature.
[0224]Clause 15: The method of any one of Clauses 1-14, further comprising: randomly turning ON or OFF one or more other RISs in accordance with the security signature; and selecting at least one of an amplitude value or a phase value of one or more elements of the one or more other RISs that are turned ON, in accordance with the security signature.
[0225]Clause 16: A method for wireless communications at a UE, comprising: obtaining, from a network entity, signaling indicating a secret-key; obtaining, from the network entity, AN signal; obtaining, from the network entity, a data signal via an RIS; and decoding the obtained data signal and the obtained AN signal, in accordance with the secret-key.
[0226]Clause 17: The method of Clause 16, wherein the obtaining of the data signal further comprises applying a time phase ramp to shift a frequency domain of the data signal to overlap or align with a frequency domain of the AN signal.
[0227]Clause 18: The method of Clause 17, wherein the time phase ramp is based on the secret-key Clause 19: The method of Clause 18, wherein the secret-key is agreed among at least two of the network entity, the UE, and a controller of the RIS.
[0228]Clause 20: The method of Clause 17, wherein at least one of the time phase ramp or a location of the data signal and the AN signal is agreed among at least two of the network entity, the UE, and a controller of the RIS.
[0229]Clause 21: The method of any one of Clauses 16-20, wherein, at least one of: the obtaining of the data signal further comprises obtaining the data signal from the network entity on a first subset of REs of a set of REs; or the obtaining of the AN signal further comprises obtaining the AN signal from the network entity on a second subset of REs of the set of REs.
[0230]Clause 22: The method of any one of Clauses 16-21, wherein the decoding comprises cancelling the obtained AN signal, in accordance with the secret-key.
[0231]Clause 23: A method for wireless communications at a network entity, comprising: determining a secret-key shared among at least two of the network entity, a UE, and a controller of at least one RIS; generating AN signal, in accordance with the secret-key; and outputting the AN signal for transmission to the UE.
[0232]Clause 24: The method of Clause 23, further comprising: outputting a data signal for transmission to the UE via the at least one RIS.
[0233]Clause 25: The method of Clause 24, wherein, at least one of: the outputting of the data signal further comprises outputting the data signal on a first subset of REs of a set of REs; or the outputting of the AN signal comprises outputting the AN signal on a second subset of REs of the set of REs.
[0234]Clause 26: The method of Clause 25, wherein the second subset of REs is the same as the first subset of REs.
[0235]Clause 27: The method of Clause 23, wherein the outputting of the AN signal comprises outputting the AN signal on non-used REs.
[0236]Clause 28: The method of any one of Clauses 23-27, wherein the outputting of the AN signal comprises outputting the AN signal orthogonal to a direction of the UE.
[0237]Clause 29: The method of any one of Clauses 23-28, wherein the outputting of the AN signal comprises outputting the AN signal in a same direction as other AN signals.
[0238]Clause 30: An apparatus, comprising: a memory comprising executable instructions; and a processor configured to execute the executable instructions and cause the apparatus to perform a method in accordance with any one of Clauses 1-29.
[0239]Clause 31: An apparatus, comprising means for performing a method in accordance with any one of Clauses 1-29.
[0240]Clause 32: A non-transitory computer-readable medium comprising executable instructions that, when executed by a processor of an apparatus, cause the apparatus to perform a method in accordance with any one of Clauses 1-29.
[0241]Clause 33: A computer program product embodied on a computer-readable storage medium comprising code for performing a method in accordance with any one of Clauses 1-29.
[0242]Clause 34: A controller, comprising: at least one transceiver; a memory comprising executable instructions; and a processor configured to execute the executable instructions and cause the controller to perform a method in accordance with any one of Clauses 1-15, wherein the at least one transceiver is configured to receive the signaling from the network entity.
[0243]Clause 35: A user equipment (UE), comprising: at least one transceiver; a memory comprising executable instructions; and a processor configured to execute the executable instructions and cause the UE to perform a method in accordance with any one of Clauses 16-22, wherein the at least one transceiver is configured to receive the signaling, the AN signal, and the data signal from the network entity.
[0244]Clause 36: A network entity, comprising: at least one transceiver; a memory comprising executable instructions; and a processor configured to execute the executable instructions and cause the network entity to perform a method in accordance with any one of Clauses 23-29, wherein the at least one transceiver is configured to transmit the AN signal to the UE.
Additional Considerations
[0245]The preceding description is provided to enable any person skilled in the art to practice the various aspects described herein. The examples discussed herein are not limiting of the scope, applicability, or aspects set forth in the claims. Various modifications to these aspects will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other aspects. For example, changes may be made in the function and arrangement of elements discussed without departing from the scope of the disclosure. Various examples may omit, substitute, or add various procedures or components as appropriate. For instance, the methods described may be performed in an order different from that described, and various actions may be added, omitted, or combined. Also, features described with respect to some examples may be combined in some other examples. For example, an apparatus may be implemented or a method may be practiced using any number of the aspects set forth herein. In addition, the scope of the disclosure is intended to cover such an apparatus or method that is practiced using other structure, functionality, or structure and functionality in addition to, or other than, the various aspects of the disclosure set forth herein. It should be understood that any aspect of the disclosure disclosed herein may be embodied by one or more elements of a claim.
[0246]The various illustrative logical blocks, modules and circuits described in connection with the present disclosure may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an ASIC, a field programmable gate array (FPGA) or other programmable logic device (PLD), discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general-purpose processor may be a microprocessor, but in the alternative, the processor may be any commercially available processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, a system on a chip (SoC), or any other such configuration.
[0247]As used herein, a phrase referring to “at least one of” a list of items refers to any combination of those items, including single members. As an example, “at least one of: a, b, or c” is intended to cover a, b, c, a-b, a-c, b-c, and a-b-c, as well as any combination with multiples of the same element (e.g., a-a, a-a-a, a-a-b, a-a-c, a-b-b, a-c-c, b-b, b-b-b, b-b-c, c-c, and c-c-c or any other ordering of a, b, and c).
[0248]As used herein, the term “determining” encompasses a wide variety of actions. For example, “determining” may include calculating, computing, processing, deriving, investigating, looking up (e.g., looking up in a table, a database or another data structure), ascertaining and the like. Also, “determining” may include receiving (e.g., receiving information), accessing (e.g., accessing data in a memory) and the like. Also, “determining”may include resolving, selecting, choosing, establishing and the like.
[0249]The methods disclosed herein comprise one or more actions for achieving the methods. The method actions may be interchanged with one another without departing from the scope of the claims. In other words, unless a specific order of actions is specified, the order and/or use of specific actions may be modified without departing from the scope of the claims. Further, the various operations of methods described above may be performed by any suitable means capable of performing the corresponding functions. The means may include various hardware and/or software component(s) and/or module(s), including, but not limited to a circuit, an application specific integrated circuit (ASIC), or processor.
[0250]The following claims are not intended to be limited to the aspects shown herein, but are to be accorded the full scope consistent with the language of the claims. Within a claim, reference to an element in the singular is not intended to mean “one and only one” unless specifically so stated, but rather “one or more.” Unless specifically stated otherwise, the term “some” refers to one or more. No claim element is to be construed under the provisions of 35 U.S.C. § 112(f) unless the element is expressly recited using the phrase “means for”. All structural and functional equivalents to the elements of the various aspects described throughout this disclosure that are known or later come to be known to those of ordinary skill in the art are expressly incorporated herein by reference and are intended to be encompassed by the claims. Moreover, nothing disclosed herein is intended to be dedicated to the public regardless of whether such disclosure is explicitly recited in the claims.
Claims
1. An apparatus for wireless communications, comprising:
a memory comprising computer-executable instructions; and
a processor configured to execute the computer-executable instructions and cause the apparatus to:
obtain, from a network entity, signaling indicating a configuration for a security signature for at least one reconfigurable intelligent surface (RIS); and
configure the at least one RIS according to the security signature.
2. The apparatus of
3. The apparatus of
4. The apparatus of
5. The apparatus of
6. The apparatus of
the processor is further configured to execute the computer-executable instructions and cause the apparatus to change at least one of the amplitude value or the phase value over a duration of at least one symbol, in accordance with the security signature;
the processor is further configured to execute the computer-executable instructions and cause the apparatus to change at least one of the amplitude value or the phase value within a first duration of a symbol or a second duration between two symbols, in accordance with the security signature;
the processor is further configured to execute the computer-executable instructions and cause the apparatus to change at least one of the amplitude value or the phase value each sample time, in accordance with the security signature;
the processor is further configured to execute the computer-executable instructions and cause the apparatus to change at least one of the amplitude value or the phase value every block of symbols, in accordance with the security signature; or
the processor is further configured to execute the computer-executable instructions and cause the apparatus to change the phase value based on the first secret-key and change the amplitude value based on a second secret-key, wherein the second secret-key is different than the first secret-key.
7-9. (canceled)
10. The apparatus of
change the phase value based on the first secret-key; and
change the amplitude value based on a second secret-key, wherein the second secret-key is different than the first secret-key.
11. The apparatus of
randomly turn ON or OFF one or more elements of the at least one RIS, in accordance with the security signature; and
select at least one of an amplitude value or a phase value of the one or more elements that are turned ON, in accordance with the security signature.
12. The apparatus of
randomly turn ON or OFF one or more other RISs in accordance with the security signature; and
select at least one of an amplitude value or a phase value of one or more elements of the one or more other RISs that are turned ON, in accordance with the security signature.
13. The apparatus of
obtain a data signal from the network entity; and
apply a time phase ramp to shift a frequency domain of the data signal to overlap or align with a frequency domain of another signal, and wherein the other signal is an artificial noise (AN) signal.
14. The apparatus of
the obtain the data signal comprises obtain the data signal from the network entity on a first subset of resource elements (REs) of a set of REs;
the AN signal is obtained via a second subset of REs of the set of REs;
the AN signal is also based on the first secret-key; or
at least one of the time phase ramp or a location of the data signal and the AN signal are agreed among the network entity, the UE, and the apparatus.
15. (canceled)
16. An apparatus for wireless communications, comprising:
a memory comprising computer-executable instructions; and
a processor configured to execute the computer-executable instructions and cause the apparatus to:
obtain, from a network entity, signaling indicating a secret-key;
obtain, from the network entity, an artificial noise (AN) signal;
obtain, from the network entity, a data signal via a reconfigurable intelligent surface (RIS); and
decode the obtained data signal and the obtained AN signal, in accordance with the secret-key.
17. The apparatus of
18. The apparatus of
the time phase ramp is based on the secret-key; or
the secret-key is agreed among at least two of the network entity, the apparatus, and a controller of the RIS.
19. (canceled)
20. The apparatus of
the obtaining of the data signal further comprises obtaining the data signal from the network entity on a first subset of resource elements (REs) of a set of REs;
the obtaining of the AN signal further comprises obtaining the AN signal from the network entity on a second subset of REs of the set of REs; or
the decoding comprises cancelling the obtained AN signal, in accordance with the secret-key.
21. The apparatus of
22. (canceled)
23. An apparatus for wireless communications, comprising:
a memory comprising computer-executable instructions; and
a processor configured to execute the computer-executable instructions and cause the apparatus to:
determine a secret-key shared among at least two of the apparatus, a user equipment (UE), and a controller of at least one reconfigurable intelligent surface (RIS);
generate an artificial noise (AN) signal, in accordance with the secret-key; and
output the AN signal for transmission to the UE.
24. The apparatus of
25. The apparatus of
the output of the data signal further comprises outputting the data signal on a first subset of resource elements (REs) of a set of REs;
the output of the AN signal comprises outputting the AN signal on a second subset of RES of the set of REs;
the output of the AN signal comprises outputting the AN signal orthogonal to a direction of the UE;
the output of the AN signal comprises outputting the AN signal in a same direction as other AN signals; or
the output of the AN signal comprises outputting the AN signal on one or more non-used resource elements (REs).
26. (canceled)
27. The apparatus of
28-30. (canceled)